Explore a comprehensive conference talk on securing Linux-based embedded systems against various cyber threats. Learn about essential security mechanisms like DM-Crypt, DM-Verity, Secure Boot, TEE sub-system, FScrypt, and IMA. Discover practical strategies for integrating these mechanisms into diverse embedded systems, including mobile phones, tablets, network-attached DVRs, routers, and IoT hubs, while optimizing limited hardware resources. Gain insights from Gilad Ben-Yossef, a principal software engineer at Arm, as he delves into topics such as trust, fail-safe systems, chain of trust, full disk encryption, Trust Zone, and the Integrity Measurement Architecture. Enhance your understanding of building resilient Linux-based systems to protect against nefarious attacks in the ever-evolving landscape of cybersecurity.
Protecting Your System from Security Threats - Linux Security Mechanisms
Overview
Syllabus
Introduction
Who am I
Storytime
What happened
The problem definition
What does trust mean
What does it mean to fail safely
How do you build your system
Secure Boot
Chain of Trust
Change of Trust
DM Verity
Miracle Tree
Verity
Full Disk Encryption
System Setup
Encryption
Encryption Example
Trust Zone
Keyblob
Hubble Model
Advanced System Setup
Integrity Measurement Architecture
EVM
Taught by
Linux Foundation
